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Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121 (d). 
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DETAILED ACTION 

1 . Claims 1-3 and 33-49 are pending in this application and have been examined. 

Response to Arguments 

2. Applicant's arguments filed 4-25-06 have been fully considered but they are not 
persuasive. 

The applicant argues in traverse of the rejection of the claims under 35 USC 102(b) as 
anticipated by Orita ' 147 by asserting a failure of Orita to teach remote retrieval of a data file as 
recited in the claimed invention. The Applicant asserts that the use of a workstation able to 
retrieve data files from a data storage unit that is external to the workstation does not constitute 
remote access. The Examiner counters that a reasonably broad interpretation of the term 
"remote" does encompass the system as taught by Orita (figure 1 : elements 10 and 11, figure 3: 
element SI 1 , col. 2 lines 53-62). 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent. 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 
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4. Claims 1-2 are rejected under 35 U.S.C. 102(b) as being clearly anticipated by Orita, 
5163147. 

As for claim 1, Orita teaches a machine system for protecting access constrained 
information from unauthorized access by way of unauthorized users or unauthorized programs, 
said machine system comprising (abstract, col. 1 lines 5-10): 

(a) data-providing means for providing data of an identified one of two or more digital data files, 
where each of said files is identifiable by a file name and where each of said files is stored and 
retrievable remotely (figure 1: elements 10,1 1, and 14, figure 3: element SI 1, col. 2 lines 53-62, 
col. 4 lines 46-68); 

(b) an interceptable access mechanism through which data of an identified file of the 
data-providing means is accessed by identifiable, access-requesting programs and/or 
access-requesting users (abstract, col. 4 lines 46-68); 

(c) access-control means coupled to intercept data access attempts made through said 
interceptable access mechanism, wherein the access-control means includes deny/approve means 
for testing the intercepted data access attempts and responsively 

denying or approving intelligible or other data access to the data of an identified subset of said 
files based on one or more of the identity of an access-attempting program, the time of the access 
attempt, the machine or location from which the access request originates and a user associated 
with the access request, and wherein the access-control means includes permissions control 
means for responding to permission rules associated with respective ones of identifiable subsets 
of said files (col. 4 lines 46-67, fig. 5); and 
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(d) localizing means for transparently and temporarily localizing external files and respective 
external permission rules of such external files for use by said access-control means (abstract, 
col. 1 lines 5-10). 

As for claim 2, Orita teaches a machine-implemented method for protecting access 
constrained information from unauthorized access by way of unauthorized users or unauthorized 
programs, said machine-implemented method comprising (abstract, col. 1 lines 5-10): 

(a) in response to a navigation-based request, providing data of an identified one of two or more 
digital data files, where each of said files is identified in the navigation-based request by a file 
name, file handle, or equivalent and where each of said files is stored and retrievable remotely 
(figure 1: elements 10, 11, and 14, figure 3: element SI 1, col. 2 lines 53-62, col. 4 lines 46-68); 

(b) intercepting data access attempts made through an interceptable access mechanism, wherein 
(col. 4 lines 46-68): 

(b.l) the interceptable access mechanism is one through which data of an identified file of the 
data-providing means is accessed by identifiable, access-requesting programs and/or access 
requesting users (col. 4 lines 46-67, fig. 5); 

(b.2) the interceptable access mechanism includes access control means includes deny/approve 
means for testing the intercepted data access attempts and responsively denying or approving 
intelligible or other data access to the data of an identified 

subset of said files based on one or more of the identity of an access attempting program, the 
time of the access attempt, the machine or location from which the access request originates and 
a user associated with the access request (col. 4 lines 46-67, fig. 5); and 
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(b.3) the access-control means includes permissions control means for responding to permission 
rules associated with respective ones of identifiable subsets of said files; and said method further 
comprises (col. 4 lines 46-67, fig. 5); and 

(c) in response to those of said navigation-based requests which request external files, 
transparently and temporarily localizing the external files and the respective external permission 
rules of such external files for use by said access-control means (abstract, col. 1 lines 5-10). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Orita as applied to 
claim 2 above, and Rager 5,412,721. 

As for claim 3, Orita teaches the machine-implemented protecting method of Claim 2, 
but not wherein: confidential information is kept essentially and consistently in encrypted format 
when the confidential information either resides within a remote file server or within easily 
removable media or when such confidential information is in transit along an untrusted 
(not-secure) communications link; said confidential information is exposed in plaintext form on 
an as needed and as-authorized basis, essentially only when said confidential information resides 
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within a local client that is conveniently viewable by one or more authorized users; said 
plaintext exposure is allowed to occur only after an authorized user validates his or her 
authorization to access the information at the local client. However Rager et al. does teach these 
features (abstract, Fig. 3B item 316) Therefore it would have been obvious to one of ordinary 
skill in the art at the time of the invention to incorporate these features into the system of Orita. 
It would have been desirable to do so as described in the abstract of Rager so as to prevent access 
to the data in the event of power to the memory device being shut off. 

Allowable Subject Matter 

7. Claims 33-49 are allowed. 

8. The following is a statement of the reasons for the indication of allowable subject matter: 
The closest prior art in the field, Orita ' 147, does not teach the combination of features of 

the Applicant's claimed invention, particularly including: 

As per claims 33 and 40; the second testing step of the Applicant wherein a determination 
is made as to whether access constraining control information is available in an internal and 
physically secure storage area, subsequently attempting to import the access constraining 
information if it is determined to be absent, and if the attempt to import reveals that the access 
constraining information is unavailable, determining if the access control information is 
necessary for an intercepted data-access request, or file closing request, to be completed 
normally, and blocking the access request if it is determined that the access constraining 
information is necessary. 
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As for claim 48; the intercept of a request to close a file, and a close-continuance means, 
responsive to an open-intercept means, for determining whether an intercepted file-close request 
is requesting the close of a file for which a close request is to be denied based on associated 
access constraining rules. 

Conclusion 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paul E. Callahan whose telephone number is (571) 272-3869. 
The examiner can normally be reached on M-F from 1pm to 9pm. 

If attempts to reach the examiner by telephone are unsuccessful, the Examiner's 
supervisor, Emmanuel Moise, can be reached on (571) 272-3865. The fax phone number for the 
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organization where this application or proceeding is assigned is: (703) 872-9306. Any inquiry of 
a general nature or relating to the status of this application or proceeding should be directed to 
the receptionist whose telephone number is (703) 305-3900. 

7-6-06 
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